Outdated Word Press site plug-ins, hardening proposals...

[polonus]

Re: Plugin   Update Status   About
wp-fastest-cache 1.1.0   Warning   latest release (1.1.6)
http://wordpress.org/plugins/wp-fastest-cache/
wordpress-seo 20.0   Warning   latest release (20.
https://yoa.st/1uj
formidable 5.5.6   Warning   latest release (6.3.1)
https://formidableforms.com/    Outdated versions detected.

Externally linkes host - goomedia.digitaal-magazine.nl   AMAZON-02

At what site? -> https://sitecheck.sucuri.net/results/teleplaza.nl   (redhat nginx website)

Hardening proposals: see: https://sitecheck.sucuri.net/results/teleplaza.nl

polonus

[polonus]

But potentially malicious script detected on same IP at website -https://aika.fiber.nl/

What? Detected Potentially Suspicious Files by Quttera's.
File name   /assets/index-3bb9e352.js
Threat name   PS.SuspScript.gen
File type   ASCII
Reason   Detected hidden call to replace.
Details   Detected potentially suspicious content.
Threat dump XXXXX[[constt=Ve(Ho),n=Ve(Xh),r=Lt(()=>t.resolve(Is(e.to))),s=Lt(()=>{const{matched:c}=r.value,{length:a}=c,u=c[a-1],f=n.matched;if(!u||!f.length)return-1;constd=f.findIndex(rs.bind(null,u));if(d>-1)returnd;consth=uf(c[a-2]);returna>1%26%26uf(u)===h%26%26f[f.length-1].path!==h?f.findIndex(rs.bind(null,c[a-2])):d}),i=Lt(()=>s.value>-1%26%26cb(n.params,r.value.params)),o=Lt(()=>s.value>-1%26%26s.value===n.matched.length-1%26%26Qh(n.params,r.value.params));functionl(c={}){returnlb(c)? XXXX t[Is(e.replace)?"replace":"push"](Is(e.to)).catch(Us)]]
Threat MD5   63B0995854A8AE1AB3F6CD6BCA2AC381
File MD5   ACFD0BC080EC2B73325ABA8F0F345345
Line   Available via API only.

Solution: use replace when redirecting from an invalid url....

polonus

[polonus]

New gaping hole to be patched:
https://www.wordfence.com/blog/2023/06/critical-security-update-directorist-wordpress-plugin-patches-two-high-risk-vulnerabilities/

pol